package com.baby.security.controller;

import com.baby.security.model.MyUser;
import com.baby.security.service.UserService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.access.annotation.Secured;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.context.SecurityContext;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RestController;

import javax.servlet.http.HttpServletRequest;
import java.util.Collection;

/**
 * @author 猪猪
 * @since 2022/6/16
 */
@RestController
public class TestController {


    @Autowired
    UserService userService;

    @GetMapping("/test")
     @Secured({"ROLE_root","ROLE_manager"})
    // 表示有ROLE_ROOT角色才能访问
    // @PreAuthorize("hasRole('ROLE_ROOT')")
    // 表示有ROLE_root或者ROLE_manager角色即可访问
    // @PreAuthorize("hasAnyRole('ROLE_root','ROLE_manager')")
    // 表示有add:user这个权限值即可访问，不区分角色或者权限
    //  @PreAuthorize("hasAuthority('add:user')")
    // 有其中一个权限值即可访问
    // @PreAuthorize("hasAnyAuthority('add:user','user:update')")
    // 表示只要登录都可以访问
    // @PreAuthorize("permitAll()")
    // 拒绝所有访问
    //@PreAuthorize("denyAll()")
    //@PreAuthorize("hasPermission(OAuth2ImportSelector,'add')")
    // @PostFilter(value = "filterObject.userName == 'test'")
//    @PreAuthorize("hasRole('ROLE_ROOT')")
    public Object test() {
        SecurityContext context = SecurityContextHolder.getContext();
        Authentication authentication = context.getAuthentication();
        MyUser principal = (MyUser) authentication.getPrincipal();
        System.out.println("最后结果："+principal);
        return principal;
    }
}